FAForever / server

The servercode for the Forged Alliance Forever lobby
http://www.faforever.com
GNU General Public License v3.0

Kick players spoofing their name or rating #315

Open micheljung opened 6 years ago

micheljung commented 6 years ago

People spoofing their rating is a well-known problem. The best solution would be if not the player tells his peers what his rating is, but the peers would know from the server. Unfortunately, we don't seem to be able to send custom messages into the game yet (but there's a hack in place that should allow us to do so at least in lobby mode).

As an alternative, temporary solution, peers could tell the server what rating a player has reported to them. The server can then verify the claim against the actual rating and, on mismatch, remove the spoofing player from the game or even better, kickban the player automatically for a few minutes.

While we can't force the game to be closed or tell the host of the game to kick the spoofing player (and it may even be the host itself who spoofs), removing the player from the game prevents him from receiving commands from the server, thus making it very difficult to impossible to participate in the game.

An unwanted side effect could be that everyone's game launches but not the spoofer's. This is unfortunate, but should happen very rarely and still kills the motivation to spoof in the first place.

What needs to be done

  1. Add a new command like verify_rating to lobbyconnection
  2. Verify the claim against reality. Account for rounding errors
  3. Kick/Ban players on mismatch
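
One way the server-side check proposed in the comment above could look, as an added example that is not part of the original thread or of the FAF server code. The class, its return values, the tolerance and the requirement that two distinct peers agree before acting are all assumptions made for illustration.

```python
import math
from collections import defaultdict

# Assumption: the server stores ratings as floats while the game shows them
# rounded, so an honest report may differ from the stored value by up to this.
TOLERANCE = 1.0
# Assumption: act only when this many distinct peers report a mismatch, so a
# single lying reporter cannot get an honest player kicked.
MIN_REPORTERS = 2


class RatingVerifier:
    """Hypothetical per-game state behind a verify_rating command."""

    def __init__(self, server_ratings, game_players):
        self.server_ratings = server_ratings   # player id -> rating the server holds
        self.game_players = set(game_players)  # ids of the players in this game
        self.mismatches = defaultdict(set)     # subject id -> reporters who disagreed

    def handle_verify_rating(self, reporter_id, subject_id, claimed):
        """Return 'ok', 'pending', 'kick' or 'ignored' for one peer report."""
        # Accept reports only between two different players of the same game.
        if reporter_id == subject_id:
            return "ignored"
        if not {reporter_id, subject_id} <= self.game_players:
            return "ignored"
        actual = self.server_ratings.get(subject_id)
        # Drop malformed claims instead of counting them against the subject.
        try:
            valid = not isinstance(claimed, bool) and math.isfinite(claimed)
        except (TypeError, OverflowError):
            valid = False
        if actual is None or not valid:
            return "ignored"
        if abs(claimed - actual) <= TOLERANCE:
            return "ok"
        self.mismatches[subject_id].add(reporter_id)  # a set: repeats count once
        if len(self.mismatches[subject_id]) >= MIN_REPORTERS:
            return "kick"  # caller removes the player from the game / applies the ban
        return "pending"
```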

duk3luk3 commented 6 years ago

> Unfortunately, we don't seem to be able to send custom messages into the game yet

Correct.

> (but there's a hack in place that should allow us to do so at least in lobby mode).

That hack isn't working.

> As an alternative, temporary solution, peers could tell the server what rating a player has reported to them

That requires the same facilities.

Here is the list of Messages we can send into the game and potentially interpret:

Connected
CreateLobby
HasSupcom
HasForgedAlliance
HostGame
JoinGame
ConnectToPeer
DisconnectFromPeer
SendNatPacket
EjectPlayer

CreateLobby is the one that currently has a "hack" implemented in lobby.lua, however as I said, it doesn't work because the game will only accept a single CreateLobby message (the one for actually creating the lobby).

This needs to be solved first.

Brutus5000 commented 6 years ago

Did GPG remove the io-functionality from lua? Maybe the faf client could create files on demand (following a defined pattern) and the game reads them (either at defined states or continuously).

duk3luk3 commented 6 years ago

I am pretty sure we have zero access to file io once in-game. (The init script does have some file access, but that doesn't help us here.)

micheljung commented 6 years ago

How does "peers could tell the server" require the same facilities as "we can't send custom messages into the game"? We can send any kind of message to the server, so there's nothing keeping us from doing what I described.

I like the file-based idea @Brutus5000. If we are able to read/write any mounted file, this could actually solve our problem.

Crotalus commented 6 years ago

Yeah, the client can write data to a lua file somewhere and then it's possible to use it in lobby/game with:

dirty_module('file.lua') -- to be able to re-read the file
local data = import('file.lua')

I guess one would need to poll the file for changes, not sure /EnableDiskWatch is a good idea in a running game. With that switch, lua-files are reloaded when changed (executing whatever code they contain).

KaukaHan commented 2 years ago

Is spoofing still a thing? I haven't seen a problem with rating in lobbies as far as I remember.

Askaholic commented 2 years ago

It's possible, but you can get banned for it.